The Device Lab is highly-collaborative environment where security researchers test medical instruments, applications, and devices in real-time from participating Medical Device Manufacturers. Any potential issues are reported directly to the manufacturer, and coordinated vulnerability disclosures are produced.
As part of their product security programs, their proactive initiatives to test their products, and to enhance the cybersecurity of their medical technologies, select medical device makers are teaming up with the Biohacking Village.
These manufacturers are inviting security researchers to learn and to test their products in dedicated spaces set aside for them. Their staff will answer questions, educate researchers, and triage any potential security issues. Researchers who perform testing should expect to follow the manufacturers’ published coordinated vulnerability disclosure policy and report any potential issues found so they can be addressed. Security researchers must sign the Hippocratic Oath for Hackers and agree to the framework of boundaries and rules of engagement during and post conference engagement.
Prepare for the Device Lab During DEFCON
New at the Device Lab this year will be Bluetooth Devices! You’ll want to prepare ahead of time to be ready to investigate these devices.
We recommend the following Bluetooth Adapter https://www.amazon.com/gp/product/B0161B5ATM Sena UD100 which is known to work with Kali and other linux distros
We also recommend practice with Hackgnar’s Bluetooth CTF found here: https://github.com/hackgnar/ble_ctf
Remember to practice SAFE and AUTHORIZED hacking! Only attack Bluetooth addresses that you have permission to access.
We will be posting the authorized Bluetooth Address list on-site in the Device Lab. Please only interact with AUTHORIZED addresses.